Cisco Systems 2960 Manual De Usuario
30-8
Catalyst 2960 and 2960-S Switch Software Configuration Guide
OL-8603-09
Chapter 30 Configuring SNMP
Configuring SNMP
Configuring Community Strings
You use the SNMP community string to define the relationship between the SNMP manager and the
agent. The community string acts like a password to permit access to the agent on the switch. Optionally,
you can specify one or more of these characteristics associated with the string:
agent. The community string acts like a password to permit access to the agent on the switch. Optionally,
you can specify one or more of these characteristics associated with the string:
•
An access list of IP addresses of the SNMP managers that are permitted to use the community string
to gain access to the agent
to gain access to the agent
•
A MIB view, which defines the subset of all MIB objects accessible to the given community
•
Read and write or read-only permission for the MIB objects accessible to the community
Beginning in privileged EXEC mode, follow these steps to configure a community string on the switch:
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
snmp-server community string [view
view-name] [ro | rw]
[access-list-number]
view-name] [ro | rw]
[access-list-number]
Configure the community string.
Note
The @ symbol is used for delimiting the context information.
Avoid using the @ symbol as part of the SNMP community string
when configuring this command.
Avoid using the @ symbol as part of the SNMP community string
when configuring this command.
•
For string, specify a string that acts like a password and permits
access to the SNMP protocol. You can configure one or more
community strings of any length.
access to the SNMP protocol. You can configure one or more
community strings of any length.
•
(Optional) For view, specify the view record accessible to the
community.
community.
•
(Optional) Specify either read-only (ro) if you want authorized
management stations to retrieve MIB objects, or specify read-write
(rw) if you want authorized management stations to retrieve and
modify MIB objects. By default, the community string permits
read-only access to all objects.
management stations to retrieve MIB objects, or specify read-write
(rw) if you want authorized management stations to retrieve and
modify MIB objects. By default, the community string permits
read-only access to all objects.
•
(Optional) For access-list-number, enter an IP standard access list
numbered from 1 to 99 and 1300 to 1999.
numbered from 1 to 99 and 1300 to 1999.
Step 3
access-list access-list-number {deny |
permit} source [source-wildcard]
permit} source [source-wildcard]
(Optional) If you specified an IP standard access list number in Step 2,
then create the list, repeating the command as many times as necessary.
then create the list, repeating the command as many times as necessary.
•
For access-list-number, enter the access list number specified in Step
2.
2.
•
The deny keyword denies access if the conditions are matched. The
permit keyword permits access if the conditions are matched.
permit keyword permits access if the conditions are matched.
•
For source, enter the IP address of the SNMP managers that are
permitted to use the community string to gain access to the agent.
permitted to use the community string to gain access to the agent.
•
(Optional) For source-wildcard, enter the wildcard bits in dotted
decimal notation to be applied to the source. Place ones in the bit
positions that you want to ignore.
decimal notation to be applied to the source. Place ones in the bit
positions that you want to ignore.
Recall that the access list is always terminated by an implicit deny
statement for everything.
statement for everything.
Step 4
end
Return to privileged EXEC mode.